I am running into issues while trying to access kerberos SPNEGO authenticated resource using spring rest client. I am using KerberosRestTemplate
.
From the docs
Leave
keyTabLocation
anduserPrincipal
empty if you want to use cached ticket.
But while I try with invoking the parameterless constructor
this.kerberosRestTemplate = new KerberosRestTemplate();
And try to access to the protected resource it fails with the following error:
org.springframework.web.client.RestClientException: Error running rest call; nested exception is java.lang.IllegalArgumentException: Null name not allowed
at org.springframework.security.kerberos.client.KerberosRestTemplate.doExecute(KerberosRestTemplate.java:196)
at org.springframework.web.client.RestTemplate.execute(RestTemplate.java:538)
at org.springframework.web.client.RestTemplate.getForObject(RestTemplate.java:245)
Caused by: java.lang.IllegalArgumentException: Null name not allowed
at sun.security.krb5.PrincipalName.<init>(PrincipalName.java:356) ~[?:1.7.0_67]
at javax.security.auth.kerberos.KerberosPrincipal.<init>(KerberosPrincipal.java:123) ~[?:1.7.0_67]
at org.springframework.security.kerberos.client.KerberosRestTemplate.doExecute(KerberosRestTemplate.java:182)
What am I doing wrong here?
Please try these spring-security-kerberos . I think you are missing basic configuration which can be achieved either via xml or java configuration based .
Can also try following options:
只需使用keyTabLocation的null以及userPrincipal的任何非空字符串调用构造函数,如下所示:
KerberosRestTemplate restTemplate = new KerberosRestTemplate(null,"-");
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.